Shopping Product Reviews
April 30, 2021

5 simple precautions to protect personal data outside of the office

A recent Times article caught my eye. The notion of “extreme jobs” was being discussed. I think most of us can agree with the idea that there has been an inexorable increase in pressure on us to always be available, work longer and longer hours and still be prepared to answer the mobile phone to a client or the boss. until late at night. on weekends and even on holidays. Coupled with the immediate availability of increasingly sophisticated mobile technology, it is inevitable that many of us will take work home, or at least, out of the safety of the office environment.

For many of us, that means we take away confidential information, and the consequences of losing that data could be catastrophic. One of my current tasks is to prepare a security awareness training for colleagues who work in a large public sector offering. We will provide this training to highly trained and experienced IT professionals, but looking around I remember that what is obvious and necessary to a security specialist is often an annoying distraction to others at best. We must all remember that mishandling of confidential information can have serious contractual and even legal consequences for both an individual and their employer.

So, take a look at these 5 simple precautions to make sure you’re not the one making the headlines.

1: Pay attention to the physical security of your laptop while traveling: Any attempt to work outside of the office almost inevitably means carrying a laptop loaded with project data (including sensitive business and even personal data) on the go. No matter how you travel, it is sure to present many opportunities for your laptop to be lost or stolen. It’s fair to assume that generally the motive for the theft is to sell the laptop onward, rather than a concerted attempt to obtain the data stored on it. However, you should take reasonable care not to advertise that you could be a worthy target. For example, do not use your company pass outside the building. The risk is higher when you have to leave the laptop unattended:

  • While driving, keep the laptop out of sight, in the trunk of your car.
  • When staying at a hotel, keep your laptop in a safe, if there is one in your room.
  • When using the notebook in a public place, secure the notebook with a Kensington lock.

2: use whole disk encryption to protect your data: If your laptop is lost or stolen, the cost of replacing the hardware is relatively less, and it’s insured anyway, isn’t it? The real cost of the incident is the loss or disclosure of confidential information stored on the laptop. To protect against this, you must install full disk encryption software. This ensures that all data on the laptop’s disk is encrypted, when the laptop is turned off. Only when the laptop is turned on and the authorized user completes pre-boot authentication is the data on the disk decrypted and available for use. Commercial software is available from several well-known vendors, including PGP and DESlock. You should be aware that unless care is taken, even the authorized user may not be able to decrypt the data on the disk. You must ensure that:

  • Run the operating system’s disk maintenance utilities to defragment the disk and check and mark bad areas on the disk;
  • You must perform a full backup of the disk volumes before installing the encryption software;
  • The installation process will give you the opportunity to create emergency recovery information; be sure to write this ERI to CD or other removable media and keep it in a safe place;
  • Most importantly, the encryption software only takes effect when the laptop is turned off or hibernated. You should never travel with your laptop in standby mode.

3: Protect yourself against eavesdropping when working in public places: One of my favorite tech commentators is Peter Cochrane, who writes a regular column for Silicon.com. Earlier this year, Peter reported how easy it was to collect confidential information from other travelers on the train. Anyone who regularly rides on commuter train services will be familiar with prying conversations and (worse) one-sided conversations on the mobile phone, which provide much more sensitive information than they should.

Resist the temptation to discuss sensitive matters in public places and try to cut down on calls to your mobile phone until you can find a more private place. Back to Peter Cochrane again. During his frequent air travel, he noticed that people were using mobile phones to photograph the screens of other people’s laptops. His blog shows how it is possible (with enough patience and a little experimentation) to get a reasonable picture of someone’s laptop screen. This situation is easily solved for a modest outlay, through the use of a privacy screen. These hook onto the laptop screen and make it impossible to read the screen unless you are directly in front of it. These screens work the same way as polarized sunglasses; make sure they are properly positioned.

4: If you must use removable media, take special care: It is almost an immutable law of nature that if you copy sensitive data to removable media, eventually those media will be lost. The simplest remedy, of course, is not to use removable media. My current employer prohibits the use of these devices in public sector projects, and at one point at least one UK government department filled laptop USB ports with superglue, to be absolutely sure. Of course, a blanket ban is not always feasible, so if you need to use a memory card, removable drive, or the like, here are some suggestions:

  • Never allow the use of removable personal devices – you have no idea how or where they have been used before or will be used next.
  • Have a group of memory cards for your project, clearly marked and with some kind of unique identifier. Have team members check them in (with a signature) when they need them, and make sure missing or expired devices are always tracked immediately.
  • Always encrypt the device. As we discussed earlier in this article, the use of full disk encryption when it comes to sensitive information is absolutely vital. So if everyone on your team has the ability, it’s crazy not to use it for removable devices as well.
  • It is worth the effort to select only the minimum amount of data to copy to removable media. It may be faster to export all the content in a database, but you should do everything in your power to limit the potential loss.

5: Always use a secure connection over public networks: Lastly, when you are out of the office and need to work, take care to protect your communications. Assume that all networks (in hotels or other public spaces, at customer sites, and even at home) are hostile. Always use a virtual private network (VPN) connection to encrypt all your traffic when connecting to your organization’s intranet from the outside, and never use a public computer or your home computer to connect to the intranet. So to summarize, a combination of sensible procedural precautions, along with a few simple and inexpensive technical additions, can go a long way toward controlling the risks of taking sensitive information out of the normal office environment. These measures may be a bit inconvenient, but they will go a long way toward ensuring that you are not responsible for a data loss, leading to massive reputational damage, loss of contracts, and potentially huge fines for your employer.

admin
0

Leave a Reply

Your email address will not be published. Required fields are marked *

Recent Posts

Recent Comments

    Categories

    TOTOTOGEL
    Slot gacor
    Slot
    slot dana

    Archives

    Meta

    1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1